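/*
 * Userspace xtables extension for the "esp" match.
 *
 * Parses, prints and saves the --espspi option, which stores a single SPI
 * or an SPI range (plus an optional inversion flag) in struct xt_esp.
 */
#include <stdio.h>
#include <xtables.h>
#include <linux/netfilter/xt_esp.h>

enum {
	O_ESPSPI = 0,
};

/* Print the usage text for this match. */
static void esp_help(void)
{
	printf(
"esp match options:\n"
"[!] --espspi spi[:spi]\n"
" match spi (range)\n");
}

/*
 * Option table: --espspi takes one or two 32-bit values (a range), may be
 * inverted, and is written straight into xt_esp.spis by the option parser.
 */
static const struct xt_option_entry esp_opts[] = {
	{.name = "espspi", .id = O_ESPSPI, .type = XTTYPE_UINT32RC,
	 .flags = XTOPT_INVERT | XTOPT_PUT,
	 XTOPT_POINTER(struct xt_esp, spis)},
	XTOPT_TABLEEND,
};

/*
 * Set the default SPI range to 0..0xFFFFFFFF.
 *
 * esp_print() and esp_save() both treat 0..0xFFFFFFFF as "no SPI
 * restriction" and print nothing for it. Without this initializer a rule
 * written as plain "-m esp" keeps whatever the match data starts with
 * (presumably zero-filled by the xtables core -- confirm), i.e. the range
 * 0..0, so a rule meant to cover all ESP traffic would only cover SPI 0.
 */
static void esp_init(struct xt_entry_match *m)
{
	struct xt_esp *espinfo = (void *)m->data;

	espinfo->spis[1] = 0xFFFFFFFF;
}

/*
 * Parse --espspi.
 *
 * @cb: option call context; cb->data is the struct xt_esp being filled.
 *
 * A single value is turned into the one-element range spi:spi, and a
 * leading "!" sets XT_ESP_INV_SPI in invflags.
 */
static void esp_parse(struct xt_option_call *cb)
{
	struct xt_esp *espinfo = cb->data;

	xtables_option_parse(cb);
	if (cb->nvals == 1)
		espinfo->spis[1] = espinfo->spis[0];
	if (cb->invert)
		espinfo->invflags |= XT_ESP_INV_SPI;
}

/*
 * Print an SPI or SPI range for rule listing.
 *
 * @name:   label printed in front of the value ("spi" here)
 * @min:    lower bound of the range
 * @max:    upper bound of the range
 * @invert: non-zero if the match is inverted
 *
 * Nothing is printed for the non-inverted full range 0..0xFFFFFFFF.
 */
static void
print_spis(const char *name, uint32_t min, uint32_t max,
	   int invert)
{
	const char *inv = invert ? "!" : "";

	if (min != 0 || max != 0xFFFFFFFF || invert) {
		if (min == max)
			printf(" %s:%s%u", name, inv, min);
		else
			printf(" %ss:%s%u:%u", name, inv, min, max);
	}
}

/*
 * Print the match in listing form (.print callback).
 *
 * @ip:      unused
 * @match:   match entry whose data is a struct xt_esp
 * @numeric: unused
 *
 * Any invflags bit outside XT_ESP_INV_MASK is reported rather than
 * silently ignored.
 */
static void
esp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
	const struct xt_esp *esp = (const struct xt_esp *)match->data;

	printf(" esp");
	print_spis("spi", esp->spis[0], esp->spis[1],
		   esp->invflags & XT_ESP_INV_SPI);
	if (esp->invflags & ~XT_ESP_INV_MASK)
		printf(" Unknown invflags: 0x%X",
		       esp->invflags & ~XT_ESP_INV_MASK);
}

/*
 * Print the match in re-parsable form (.save callback).
 *
 * @ip:    unused
 * @match: match entry whose data is a struct xt_esp
 *
 * The option is omitted only for the non-inverted full range. An inverted
 * full range is a real restriction and must be written out, as
 * print_spis() already does; otherwise a saved and restored ruleset would
 * silently differ from the one that was loaded.
 */
static void esp_save(const void *ip, const struct xt_entry_match *match)
{
	const struct xt_esp *espinfo = (const struct xt_esp *)match->data;
	int inverted = (espinfo->invflags & XT_ESP_INV_SPI) != 0;

	if (espinfo->spis[0] == 0 && espinfo->spis[1] == 0xFFFFFFFF &&
	    !inverted)
		return;

	printf("%s --espspi ", inverted ? " !" : "");
	if (espinfo->spis[0] != espinfo->spis[1])
		printf("%u:%u", espinfo->spis[0], espinfo->spis[1]);
	else
		printf("%u", espinfo->spis[0]);
}

/* Registration record handed to the xtables core. */
static struct xtables_match esp_match = {
	.family		= NFPROTO_UNSPEC,
	.name		= "esp",
	.version	= XTABLES_VERSION,
	.size		= XT_ALIGN(sizeof(struct xt_esp)),
	.userspacesize	= XT_ALIGN(sizeof(struct xt_esp)),
	.help		= esp_help,
	.init		= esp_init,
	.print		= esp_print,
	.save		= esp_save,
	.x6_parse	= esp_parse,
	.x6_options	= esp_opts,
};

/* Extension entry point: register the "esp" match. */
void
_init(void)
{
	xtables_register_match(&esp_match);
}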